{"report_id":"c5b348d9-ef88-4dc2-ba95-1387fc736cc8","version":6,"status":"done","tags":[],"date":"2026-01-31T14:12:57Z","url":{"schema":"https","addr":"fi-worldcupclub.com","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"fi-worldcupclub.com/","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"title":"世界杯赔率-官方登录与投注指南|World Cup","dom":{"size":20689,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"501774391536afc2ebeae688c03a227e","sha1":"7cf1397605a5be1698fb1dc3e8a11f084c5bef89","sha256":"40c6d19900d3d6687651602b8ad826cc69f049cc71c6b585d36ec31bcb1407f6","sha512":"b691201204061102467147d0be99617dd95c5471530ffdc15811187e4ab56324ec51392568672e0df130767d4ebc9e6593d3c5f562b08c0fd0b4f8bf840f1da4","ssdeep":"384:4qhSMzXIq5c/a73X+JovuC+CT65iVFfCnzgKwEKlK3CpK2xcV1/66mwfd:PBPtGC9T65iVFfCnzgiW2kzWV1/66mw1","tlshash":"1b92837354f8797f00a385e96624ab0f6ed2d20bd51fa541b2fe47dc2f92c92884361e","dom_hash":"domhash3fbb4a3d2e4634d363b22d7243d4e385","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"fi-worldcupclub.com","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":0,"asn":0,"as":"","country":"United States","country_code":"US"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-07T14:12:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"fi-worldcupclub.com","ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2026-01-29","domain_rank":0,"first_seen":"2026-01-31T14:12:57.917646Z","last_seen":"2026-01-31T14:12:57.917646Z","alert_count":18,"request_count":18,"received_data":1404627,"sent_data":8380,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"fi-worldcupclub.com/e/dongpo/tz/tz.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4c227f0888c9eb058730d6d266b0cc8","sha1":"5f55a1a6c200e8668b5deb58b1cc49d2f0d5fa57","sha256":"4ce97a228737da2c078cf8a0ff04135e112c17238364e631c46c97b53061d104","sha512":"3d0c3d365d6cd29cbedb180b53f488d1e42ecdead99339d96da52b12e1244cfd779f27007b77feb05623fab5c871c3ec10c28e96896bf5b9e335fc787f48fef7","ssdeep":"","tlshash":"3a6000030000000c030000c0c3c030cc003330000300000f30c00330300c00300c3000","size":14,"data":"","first_seen":"2026-01-31T14:13:02.41021Z","last_seen":"2026-03-24T05:09:22.317969Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/js/home.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","size":5802,"data":"","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-04-03T09:54:39.373772Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/e/dongpo/tz/tj.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a491af151f48beb16ba5621f68b4d0b","sha1":"91f1d44b5ca9a04a55bb7698bb3944550ed71b91","sha256":"9f19096a73f6fcb28aadb4f09ebb1d58beb023b1ab0802b103f25c05a03db706","sha512":"37d3e46bb1992092b8841c6e128d6e9eb7c71c73d69ab165030b92f2be6a40b766be94cb4c466170a16fe0d9d2893903096dda4e35da0397934e9cd0e1d9487c","ssdeep":"","tlshash":"db6000303c00cc300c000c0c003f0c00000c03000000000f000003cc000000f00000f0","size":12,"data":"","first_seen":"2026-01-31T14:13:02.405924Z","last_seen":"2026-03-27T05:22:41.362703Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","size":80821,"data":"","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-04-03T16:07:50.952152Z","times_seen":1052,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-03T16:58:40.478999Z","times_seen":2917,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/cover/fiworldcupclubcom/mission-39.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/cover/fiworldcupclubcom/mission-39.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 79498\r\nlast-modified: Fri, 30 Jan 2026 08:23:19 GMT\r\netag: \"697c6a77-1368a\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":79498,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 566x377, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5d022a629f6e08c7ac85433bbdb7f9da","sha1":"a940a7c432a6fea6dd8b21fd158b001366dcd3ec","sha256":"358e1f713511c0d056e06c64db8d4f78df1aa57938802bcae651c6b5f85adcdd","sha512":"39dba6d5d8ba9142d4b9cf44932eb04dbabc541817c9ab3e2972ffd0c94dbb5764d1a553e3b1caf9f2837839814f0cb02609eeec9efe4294cb11d9cd94d1ebb9","ssdeep":"1536:xZzllUx3gc+5G2+fjLsd9rNqFvfj9MuSVkle/UYskzd9mUqoKaLUh6eI:fll3Zt+8/qdfj9LSVHUzad9mUqoo69","tlshash":"1173124b175c89dab4b24b0d50cc0ffaee292ad3b16e10653f8c55067f6647e90c624f","first_seen":"2026-01-31T14:13:02.404068Z","last_seen":"2026-01-31T15:17:44.054341Z","times_seen":2,"resource_available":false,"data":null}},"time_used":884,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":314,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/cover/fiworldcupclubcom/footer-39.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:39.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/cover/fiworldcupclubcom/footer-39.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:39 GMT\r\ncontent-type: image/webp\r\ncontent-length: 77902\r\nlast-modified: Fri, 30 Jan 2026 08:23:19 GMT\r\netag: \"697c6a77-1304e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":77902,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 574x409, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"17063750bc98aafca7fb35643968357c","sha1":"35bba64c1fb91c903382047b7461f1e4fd0c4feb","sha256":"91675ec8a4149e67059d6e1b394563883911e3770523d89ad0406cfcafffce8d","sha512":"ceb0a96bc832b2cb4c1a62cb3a2839218e3a6f20b8aa1f0ce0f0d6ac34a4ba00b7a1e07bf2641ef4e1a3f3e4f94c5c1ff1d346ffde7b1e1e282924b0d02b7bd4","ssdeep":"1536:1oGR8TrZhROKTXw5pkLJvNxUIWT9ObWOZqGewAmxobAAkxWThlFtl:1f0lhRDTDd3U3ObNTlAzbAAkxIzl","tlshash":"2c7302c465e27f2e7d785c26ff348b87821ee9818741264a9f1118c608cfdb746bda38","first_seen":"2026-01-31T14:13:02.405025Z","last_seen":"2026-01-31T15:17:44.074342Z","times_seen":2,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":404,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/e/dongpo/tz/tj.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /e/dongpo/tz/tj.js HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 12\r\nlast-modified: Thu, 27 Nov 2025 09:01:50 GMT\r\netag: \"6928137e-c\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"8a491af151f48beb16ba5621f68b4d0b","sha1":"91f1d44b5ca9a04a55bb7698bb3944550ed71b91","sha256":"9f19096a73f6fcb28aadb4f09ebb1d58beb023b1ab0802b103f25c05a03db706","sha512":"37d3e46bb1992092b8841c6e128d6e9eb7c71c73d69ab165030b92f2be6a40b766be94cb4c466170a16fe0d9d2893903096dda4e35da0397934e9cd0e1d9487c","ssdeep":"","tlshash":"db6000303c00cc300c000c0c003f0c00000c03000000000f000003cc000000f00000f0","first_seen":"2026-01-31T14:13:02.405924Z","last_seen":"2026-03-27T05:22:41.362703Z","times_seen":9,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/swiper/css/swiper-bundle.min.css","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/swiper/css/swiper-bundle.min.css HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 08 Jul 2025 14:36:40 GMT\r\nvary: Accept-Encoding\r\netag: W/\"686d2cf8-4691\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18065,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17812)","md5":"ea28ae0aaf82709381c57d6a7daa7a05","sha1":"a7c528dc9018aeefed9a52337168decb220e2f61","sha256":"af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2","sha512":"9c63402a957e06b7c365a6cf5f53baaba991953e7bfda99d8feeaf177db6a2782a28004b1d82df2dcde362d5556e4891f6da300d63cf13d816144dadb1920f66","ssdeep":"192:1VmUJbiKne0JlXZHZ+Sme+jexS4nxep/a2GZb0Q5nfufKlAYfg5fyeesedOJ9A5Q:1gUbe0JdZHZ+W+SFnZ24tlWfF4XYz","tlshash":"d08245a85340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-03T15:15:58.904717Z","times_seen":3376,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/fontawesome/css/all.min.css","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/fontawesome/css/all.min.css HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Jul 2025 04:17:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6864b2c2-1907e\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102526,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"c43cd173eeeba2f72aa6b431d06b8c07","sha1":"427a692f7f39eabb3d5b8510aee2743025daf813","sha256":"c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a","sha512":"02f6f6422b83104bc1e1b64961d7edda63635528417ed2dd3c6f0527457b8ab4cb43c528d2a70fc61e0f96aec6e6d1a6d2b53ed523e1568b6d78ba41111c1393","ssdeep":"1536:vwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgmLCq:P709gMGFiyPG9ZimLCq","tlshash":"4fa3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2024-01-04T18:36:36Z","last_seen":"2026-04-03T17:29:35.78657Z","times_seen":7092,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/logo/fiworldcupclubcom/logo.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/logo/fiworldcupclubcom/logo.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4238\r\nlast-modified: Fri, 30 Jan 2026 08:23:18 GMT\r\netag: \"697c6a76-108e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x140, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f10a5aa4aa1194b5bab6ebbd35dca42d","sha1":"9f77828f240919ef08dd3aec0273f5c6bf672ffc","sha256":"6d30b8bfb6cd1790a4aa6011c0933662847814e47909af1114fb528e15ace129","sha512":"fab204df52170c15cb98460dcd7db94f4dffc7454cc6e9a86c8c9ee40b0c5256bf04ba8f3c5d09ff4681b9ac9168b6774b7d6f8b59554d430045726160913930","ssdeep":"96:CNuVJ1tYKwlhrVBLa3t0ilg46JbT8sxEZXQ8ZxCmMg:r16XV0tDp6JbTnEZbz","tlshash":"c9917d1c471574dc1ac073ec97bed222083eff411a2c801a89aa6fb58f98a1ed7455a8","first_seen":"2026-01-31T14:13:02.408278Z","last_seen":"2026-01-31T15:17:44.063004Z","times_seen":2,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/cover/fiworldcupclubcom/security-39.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/cover/fiworldcupclubcom/security-39.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 89956\r\nlast-modified: Fri, 30 Jan 2026 08:23:19 GMT\r\netag: \"697c6a77-15f64\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89956,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 590x393, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"16cece9c0890d85d618b0ce058aa1f67","sha1":"49cb3eedd66a2dd707a306633da2ab8ada0372fc","sha256":"dc18d60d227f5d6558191218097027a29b7d0b8897e9ca3858e9efcc5e630f69","sha512":"80522133c6ca01e3c6161e2cc1765d2802847b28393dd76e94efb427bc7588d37c8d580367085fac08ff2b8b86dea833c10c94d5417fcd216a8b91bdcbf71913","ssdeep":"1536:H7VJDyqM38niPLi2PODNjZiD4I+3mF2wXtRn0Dy7SxDgWQxyBKfsa:H7VO3EiPLUD9EkI+pwXtRn0Dy7SxeyBo","tlshash":"4b9302e6c4fd8f0de720f212a1d00c405f6c9e775c6f8ea9a1d3219287a4abb57b1794","first_seen":"2026-01-31T14:13:02.409087Z","last_seen":"2026-01-31T15:17:44.05245Z","times_seen":2,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":312,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/e/dongpo/tz/tz.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /e/dongpo/tz/tz.js HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 14\r\nlast-modified: Thu, 27 Nov 2025 10:26:50 GMT\r\netag: \"6928276a-e\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with no line terminators","md5":"f4c227f0888c9eb058730d6d266b0cc8","sha1":"5f55a1a6c200e8668b5deb58b1cc49d2f0d5fa57","sha256":"4ce97a228737da2c078cf8a0ff04135e112c17238364e631c46c97b53061d104","sha512":"3d0c3d365d6cd29cbedb180b53f488d1e42ecdead99339d96da52b12e1244cfd779f27007b77feb05623fab5c871c3ec10c28e96896bf5b9e335fc787f48fef7","ssdeep":"","tlshash":"3a6000030000000c030000c0c3c030cc003330000300000f30c00330300c00300c3000","first_seen":"2026-01-31T14:13:02.41021Z","last_seen":"2026-03-24T05:09:22.317969Z","times_seen":7,"resource_available":true,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/swiper/js/swiper-bundle.min.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.766Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/swiper/js/swiper-bundle.min.js HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 03 Jul 2025 05:58:22 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68661bfe-22512\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-03T16:58:40.478999Z","times_seen":2917,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/ico/favicon39.ico","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:39.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/ico/favicon39.ico HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:39 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 16958\r\nlast-modified: Wed, 09 Jul 2025 09:42:24 GMT\r\netag: \"686e3980-423e\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16958,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel","md5":"6efc464aa1c822ece6c7e0d63427ce62","sha1":"f9d98ffd974077133da35629c064efec7b6ad93e","sha256":"1814de0aeade8fc13fda047d352bce1fe7637958ee96534a92af0a77f56368c8","sha512":"666416a3d0bb3817994e3ee5bd1d5ddbd6fa876f4c640ef6016d2bd09d01735bf95fa3534a945422409e162319a0a0b7313fd4398a02f6ac580cf87b9e7b728c","ssdeep":"192:rpyzcoBdPk/zzcORssOssZssOssmOVcd8sLlssSssnh8ssssss+ssssssHUpsss3:9yzcoHc/JZHAPXC1CIeo","tlshash":"cb721cd35f88bd93ed0861b470679b64153c1d76688bf06b9cc4330f28beb27a52259e","first_seen":"2026-01-31T14:13:02.41164Z","last_seen":"2026-03-15T22:28:03.900415Z","times_seen":3,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/js/bootstrap.bundle.min.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 02 Jul 2025 05:41:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6864c69c-13bb5\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80821,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"21d4551af5cc4ed4d818bdbdfea8c358","sha1":"df272a07ed30eaf8025b699c45736ba9d284e4d4","sha256":"35f4547d9364111aca4850347356bc5660a994f0d8b694d88f995098a7b547fa","sha512":"4dcd22faf4688265f834deedb8b6d07c1c5af0991f512031485573994df59d5747ca21c494f3f2d9c59f15a7260892b0d15aa8bebcca85d7764d24cc740c69da","ssdeep":"1536:/SwJiEbnTl6R2t49CFliFCIg/yWszSraJd5qUFH9tZwcE+iYZMgZdj:6wfs+SSO5q4tZwcEVYZFj","tlshash":"2383b5593244b8730ade85b68037430bf2265998b14b812cb57cadde2a7dcc67277f78","first_seen":"2025-06-18T01:20:12.005242Z","last_seen":"2026-04-03T16:07:50.952152Z","times_seen":1052,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/css/bootstrap.min.css","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/bootstrap/css/bootstrap.min.css HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 02 Jul 2025 04:17:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6864b2c4-38a52\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":232018,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"50c95aae1a6c1e089c11681d1e1906f8","sha1":"a65e4fd8db9bd0440de2d6d73c9e7cd00fce4a8d","sha256":"cd1826581e4f2b80af4f1e05897b316c7698441063cffaefbbdeec382ee4cd72","sha512":"7f0edff9370c8d36fb6e96cb25994ff20d98e17702c85656f2ecbc1ec459b07fd2c1b330d2994a1c51ebf7d0cdde5d3856c60dc2fce27145ffeaababbc8c5bc7","ssdeep":"1536:v9xnXGi9GfJkfvq5wlP7cQZDR9uvV982sYRElV6V6pz600I41r:HnXp9GfrV98II6V6pz600I41r","tlshash":"d03482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-06-19T07:12:41.126365Z","last_seen":"2026-04-03T16:07:50.886442Z","times_seen":1027,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":312,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/cover/fiworldcupclubcom/about-39.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/cover/fiworldcupclubcom/about-39.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 110754\r\nlast-modified: Fri, 30 Jan 2026 08:23:18 GMT\r\netag: \"697c6a76-1b0a2\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":110754,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 670x445, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"da4398362d006ffd681a34f9295fbb5d","sha1":"e81a6ac5c01b82e77ee16083aa3812d166bb6f3a","sha256":"ff952ffc40aa7f76dd430631da2a4bcaa89c64065cbda97c8832647bf4c5b926","sha512":"9dc68f94cb2123418c7e4e4369501dbe125e6066f6995f887e1e62a4238c1899bef7f2f7d8821afca3fb897c16f69c36235349fed23660b5e523924e87d3006e","ssdeep":"1536:kSkYgk3T1VGKr2Kg7JmbokffP5tK/uwt9tO1LlAXyPC2/Bhgeryd97hyxGc3+cCa:LkDq1VsmbxfLDcOlAXy6aB6AyT1yxc/a","tlshash":"feb312fb5a2b3cd1ac35720dc6b669b4ca6065809b0a171dd740e04e139ee93d877b1f","first_seen":"2026-01-31T14:13:02.414238Z","last_seen":"2026-01-31T15:17:44.064696Z","times_seen":2,"resource_available":false,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":308,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/js/home.js","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.768Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/bootstrap/js/home.js HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 14 Jul 2025 17:49:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68754346-16aa\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5802,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"16c93ef01acd14ec64c07020d638253e","sha1":"9c7b9d1a61977675c7f128bf2e27093d3cfe37f6","sha256":"f0795e9620ff382d585e15e40f303b394863fc5fa3dbdecd140adcbc4e51ffd2","sha512":"218d41ff60e128ff13105f9d376cfac1b80401527884da7b6179bab1fe8e9aa9e5959873bc5385798c8a5c6fb7aedce8e68b17112833cc16c096e0dc214d35ea","ssdeep":"96:6P7fgtAVMsSMCM1vUrp8KtQJQ1l/2o3RV0uRC6v6qyS+KQkIF:6P7fg+VSVAvUr2KaG1Zd3YuRriqyDKQH","tlshash":"91c1551a62b42433447775bb97af57c477212087b8c6ec393dfcc6080f845aa59f1aea","first_seen":"2025-10-09T23:37:04.756251Z","last_seen":"2026-04-03T09:54:39.373772Z","times_seen":51,"resource_available":true,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/fontawesome/webfonts/fa-solid-900.woff2","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:39.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/skin/fontawesome/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:39 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 158220\r\nlast-modified: Fri, 13 Dec 2024 14:50:06 GMT\r\netag: \"675c499e-26a0c\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":158220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 158220, version 775.1280","md5":"4a6591ab5460ae5cbff1ecbd6e52193a","sha1":"7cd8afd6501962fda35d66f0e4c3b8815ac471d8","sha256":"aa75998623a391e61c6901794ace832e3ecdd288b56d608f21bea0411acc0b8e","sha512":"96c5d3283b71613b595b6b0420333bef5d64451af05c59dde27ec5b3e7cfe6e9549c604cddfbcb79cbc0fd4cd6f2e22a130c9a220b1b7ef933ac9df8c8e695d6","ssdeep":"3072:RauSB5FANIRLpsBaBrJGNG3ECNQztRvHHqkqLrlF:guSqN6ptrJGo3POh9KT9F","tlshash":"0ef312a710c6b95684a3a51b336adeb52c3ed363fcb6cd73be340114689da9c2e4d190","first_seen":"2024-12-19T10:41:23.153533Z","last_seen":"2026-04-03T17:29:59.059314Z","times_seen":20842,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":400,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-31T14:12:35.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21380,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"457156ed3286eb66b504d1467a16251f","sha1":"7f8c9c9af19fa19a836964f73b61f3961d004fc2","sha256":"d6b60ae2f37007383e6bd20ac0d6c5ecdfd05359ebeedba41cbf7b3eaf2e70d5","sha512":"3b494381b306e13448ab6cf7f87dc79f219c4a3e6d224f488ca6e55d22b35e1ce3865fa478c00a99441833d5bbcb9b43b377f96c1095990121b112bc0c68d037","ssdeep":"384:sqhSMzXqUWvuCaCT65iVFfC0zgKwEKlK3CpK2xcV1/N6mwf9:rBHWGCpT65iVFfC0zgiW2kzWV1/N6mwV","tlshash":"4592937354f8797f00a385e86624ab0f6ed2d20bd51fa545b2fe47dc2f92c92890361e","first_seen":"2026-01-31T14:13:02.416563Z","last_seen":"2026-01-31T15:17:44.059945Z","times_seen":2,"resource_available":false,"data":null}},"time_used":3498,"timings":{"blocked":634,"dns":327,"connect":151,"send":0,"wait":2226,"receive":0,"ssl":157},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/bootstrap/css/module.css","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/bootstrap/css/module.css HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 25 Jul 2025 02:07:14 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6882e6d2-28112\"\r\nexpires: Sun, 01 Feb 2026 02:12:38 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":164114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65518)","md5":"67e45932bedd92dd7bc2a7de1653677e","sha1":"b15f3b2e370d9a7c2c40ea991c8f4a839617702d","sha256":"6e25cdc64273a412026df8a7b3510d9ba7dd6cd75653dd3eb884371b4ace73e8","sha512":"d6130c594f82eefca5109421095dc8c0603b44c4c714bdb8956e64278c9c1625263a531a1ad401fa344f180c2f1cbe95af8246c9e33dc6a28316ab243f448591","ssdeep":"1536:qiVj2AhHm0CfrtrPr7AhhTQbdS6U8H2GXVxICl1gGqotJFFp4L/Xzbv9ALVTFCew:sAhhTQg6U8p45s5Q","tlshash":"c6f397309984202cf11bc5eae5d0abef32649801f663077ef66370a6d6c21ef577674a","first_seen":"2025-10-09T23:37:04.753197Z","last_seen":"2026-04-03T09:54:39.303593Z","times_seen":50,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fi-worldcupclub.com/skin/cover/fiworldcupclubcom/hero-39.webp","fqdn":"fi-worldcupclub.com","domain":"fi-worldcupclub.com","tld":"com"},"ip":{"addr":"156.229.134.13","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fi-worldcupclub.com/","date":"2026-01-31T14:12:38.758Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dw-worldcupclub.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 30 Jan 2026 06:53:57 GMT","end":"Thu, 30 Apr 2026 06:53:56 GMT"},"fingerprint":{"sha1":"F0:02:07:6A:2D:35:54:3D:70:5D:5D:04:41:70:AC:C2:41:30:48:AB","sha256":"82:A7:EE:03:33:16:BF:7D:84:86:B8:75:DD:9F:2D:C7:DD:57:A1:F3:41:68:33:B0:EF:4A:81:8B:97:2D:1F:B7"}}},"request":{"raw":"GET /skin/cover/fiworldcupclubcom/hero-39.webp HTTP/1.1\r\nHost: fi-worldcupclub.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fi-worldcupclub.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 31 Jan 2026 14:12:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 93172\r\nlast-modified: Fri, 30 Jan 2026 08:23:18 GMT\r\netag: \"697c6a76-16bf4\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":93172,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 805x536, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"697092cd9da8c3fc80308658b1259b4c","sha1":"fccf1a50d25c99ba47f36ed39b4dbca78cd90288","sha256":"5f778f59111fcea66624eba1f3e1cef9eeedf9bc3908a1e66d5e250ca9274ed2","sha512":"85ae3e24c546741ff5a1f15af824e0320848cdb8013758185cbfbe4d3575009fb9974094d088c9b70a111723b6a12a94750b3b1fdd1e6de2bd961d2eb35d3f5e","ssdeep":"1536:tYV20kTkHZUm3QLvKMCDQKGIvdfUVKaYyurA2RVJ7mLyWrH5s0DHYhzaE:t01SyMCDQKG7KvEMVJxoHHbE","tlshash":"57931200b2c637a0d63cbe1778ac385a4936b12d25afd1985ba8fa3dfed76551f24804","first_seen":"2026-01-31T14:13:02.418405Z","last_seen":"2026-01-31T15:17:44.070847Z","times_seen":2,"resource_available":false,"data":null}},"time_used":877,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-31","alert":"Sinkholed","trigger":"fi-worldcupclub.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}